Overview

Why, you might ask? Because it’s interesting to see what all the things on your network are phoning home to. Most modern devices will not hard-code an IP address for operations, since those tend to be transient in nature now.

So this post has my Logstash configuration. It’s pretty simple.

Prerequisites

Must have Elasticsearch, Logstash, and Kibana installed.

Must have pfSense set up with logging turned up to 5 for the unbound process.

It looks like the package didn’t install the http2 module during a recent upgrade I did. This is a workaround to install the http2 module on Ubuntu 16.04 if it’s not present in your installed apache2 package. This method should still allow you to get security updates.

The solution is to compile the current apache2 build and just copy the required module into the appropriate folders.